U.S. patent application number 11/832772 was filed with the patent office on 2008-06-26 for apparatus and method for managing rights object.
This patent application is currently assigned to SAMSUNG ELECTRONICS CO., LTD.. Invention is credited to Kyung-im JUNG, Yeo-jin KIM, Yun-sang OH.
Application Number | 20080155683 11/832772 |
Document ID | / |
Family ID | 39544911 |
Filed Date | 2008-06-26 |
United States Patent
Application |
20080155683 |
Kind Code |
A1 |
KIM; Yeo-jin ; et
al. |
June 26, 2008 |
APPARATUS AND METHOD FOR MANAGING RIGHTS OBJECT
Abstract
An apparatus and method for managing a rights object by backing
up and restoring the rights object between a host device and a
multimedia card are provided. The apparatus includes an input unit
that receives an order signal from a user, a rights-object-managing
unit that determines whether the rights object can be backed up and
restored based on rights object information when the order signal
is input, and backs up and restores the rights object according to
a result of the determination, and an information-managing unit
that manages information related to movement and removal of the
rights object and information on the backed up and restored rights
object.
Inventors: |
KIM; Yeo-jin; (Suwon-si,
KR) ; OH; Yun-sang; (Seoul, KR) ; JUNG;
Kyung-im; (Seongnam-si, KR) |
Correspondence
Address: |
SUGHRUE MION, PLLC
2100 PENNSYLVANIA AVENUE, N.W., SUITE 800
WASHINGTON
DC
20037
US
|
Assignee: |
SAMSUNG ELECTRONICS CO.,
LTD.
Suwon-si
KR
|
Family ID: |
39544911 |
Appl. No.: |
11/832772 |
Filed: |
August 2, 2007 |
Current U.S.
Class: |
726/21 |
Current CPC
Class: |
G06F 2221/0782 20130101;
G06F 21/10 20130101 |
Class at
Publication: |
726/21 |
International
Class: |
G06F 12/14 20060101
G06F012/14 |
Foreign Application Data
Date |
Code |
Application Number |
Dec 22, 2006 |
KR |
10-2006-0132984 |
Claims
1. An apparatus for managing a rights object, the apparatus
comprising: an input unit that receives an order signal from a
user; a rights-object-managing unit that determines whether the
rights object can be backed up and restored based on rights object
information when the order signal is input, and backs up and
restores the rights object according to a result of the
determination; and an information-managing unit that manages
information related to movement and deletion of the rights object
and information on the backed up and restored rights object.
2. The apparatus of claim 1, wherein the rights object information
comprises information on the backup of the rights object, state
information, and rights log information.
3. The apparatus of claim 1, wherein the rights object is backed up
to a secure multimedia card.
4. The apparatus of claim 3, further comprising: a communication
unit that transmits and receives the order signal for the backup
and restoration of the rights object by communicating with the
secure multimedia card.
5. A method of managing a rights object, the method comprising:
receiving an order signal from a user; determining whether the
rights object can be backed up based on rights object information
when a backup-order signal is input; backing up the rights object
according to a result of the determination; determining whether the
backed up rights object can be restored based on the rights object
information when a restoration-order signal for the backed up
rights object is input; restoring the backed up rights object
according to a result of the determination; and managing
information of the backed up and restored rights object.
6. The method of claim 5, wherein the determining whether the
rights object can be backed up comprises determining whether a
corresponding rights object has a backup permission by checking the
rights object information before the backup of the rights object is
performed.
7. The method of claim 5, wherein the determining whether the
backed up rights object can be restored and the restoring the
backed up rights object comprise: determining whether a device to
restore the backed up rights object is identical with device
information registered in restoration information; checking whether
an original rights object is removed from a corresponding device,
if the device is identical with the device information; and
restoring the backed up rights object, if the original rights
object is removed.
8. The method of claim 7, further comprising: terminating the
process of restoring the rights object, if the original rights
object is moved.
9. The method of claim 5, wherein the rights object information
comprises information on the backup of the rights object, state
information, and rights log information.
10. The method of claim 5, wherein the rights object is backed up
to a secure multimedia card.
Description
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application claims priority from Korean Patent
Application No. 10-2006-0132984, filed on Dec. 22, 2006 in the
Korean Intellectual Property Office, the disclosure of which is
incorporated herein in its entirety by reference.
BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] The present invention relates to managing a rights object,
and more particularly, to an apparatus and method for managing a
rights object by backing up and restoring the rights object between
a host device and a multimedia card.
[0004] 2. Description of the Related Art
[0005] Generally, a rights object (RO) is information needed to
legitimately use digital content, which has to be stored and
managed in a secure way. A secure multimedia card is storable and
portable, which stores digital content or moves it to another
device, thereby enabling the digital content to be efficiently
used. A current user can buy and use digital content and an RO.
However, if the RO is damaged or lost, the user cannot use the
purchased digital content. In order to prevent infringement of
consumers' rights, backup of the RO is required.
[0006] On the assumption that backup of an RO is a copy of data,
there is a possibility of a copy of the RO in the backup and
restoration process. Accordingly, there are many restrictions in
order to prevent the copy of the RO.
[0007] FIG. 1 illustrates a configuration of a related art
apparatus for backing up an RO.
[0008] A process of backing up an RO to a secure multimedia card in
a host A will be described in the following.
[0009] When a user backs up an RO (S11), if the RO has no backup
permission, the process is terminated. In order to restore the
backup RO only to a host device (an original device) that performs
a backup, the corresponding host device is encrypted using a public
key. Here, the RO having backup permission cannot be moved to
another device (e.g., a host B), unless the backup RO is removed.
If the original RO is moved to another device, there is a
possibility of a copy of the RO when the RO is restored.
[0010] A process of restoring the backup RO from the secure
multimedia card to the host A will be described in the
following.
[0011] The device in which the backup RO is stored is connected to
the original device (i.e., the host A), and the backup RO is
restored (S12). Here, the backup RO is free to move to other
devices (e.g., hosts B and C), but can be restored only to the
original device.
[0012] When the backup RO is decrypted using an individual key of
the original device, the restoration of the RO is completed.
[0013] In the related art apparatus, the backup RO can be restored
only to the host device that performed the backup, and the RO
having backup permission cannot be moved from the host device to
another device, which are problems.
[0014] FIG. 2 illustrates a process of copying an RO using a
related art 1-pass rights object acquisition protocol (ROAP)
process. Here, because the 1-pass ROAP process cannot receive a
response from a host device, mutual authentication is not possible.
The host device receives all of transmitted data, which presents a
security problem.
[0015] A rights issuer issues an RO to a host A via the 1-pass ROAP
process (S21). At this time, an unauthorized device that exists
inside or outside of the host A copies and stores the issued RO
(S22).
[0016] When the host A moves the issued RO to a host B (S23), the
unauthorized device issues the stored RO to the host A via the
1-pass ROAP process (S24). Hence, the copied ROs remain in the
hosts A and B.
[0017] Accordingly, the RO issued via the 1-pass ROAP process can
be reproduced, and is easily copied by unauthorized devices, which
are problems.
[0018] Korean Unexamined Patent Publication No. 2005-0109420
(Dealing Method of Digital Literary Work for Protecting Copyright)
discloses a method of backing up digital content and rights
information of the digital content to a specific storage medium,
enabling only a specific device to restore the backed up digital
content, and playing the digital content according to the rights
information, but does not disclose a method of moving an RO freely,
backing up and restoring an RO safely.
SUMMARY OF THE INVENTION
[0019] The present invention provides an apparatus and method for
managing a rights object by safely backing up and restoring the
rights object.
[0020] The present invention also provides an apparatus and method
for managing a rights object which is capable of safely copying and
moving the rights object in a 1-pass ROAP process.
[0021] According to an aspect of the present invention, there is
provided an apparatus for managing an RO, the apparatus including
an input unit that receives an order signal from a user, an
RO-managing unit that determines whether the RO can be backed up
and restored based on RO information when the order signal is
input, and backs up and restores the RO according to a result of
the determination, and an information-managing unit that manages
information related to movement and deletion of the RO and
information on the backed up and restored RO.
[0022] According to another aspect of the present invention, there
is provided a method of managing an RO, the method including
receiving an order signal from a user, determining whether the RO
can be backed up based on RO information when a backup-order signal
is input, backing up the RO according to a result of the
determination, determining whether the backed up RO can be restored
based on the RO information when a restoration-order signal for the
backed up RO is input, restoring the backed up RO according to a
result of the determination, and managing information of the backed
up and restored RO.
BRIEF DESCRIPTION OF THE DRAWINGS
[0023] The above and other aspects of the present invention will
become apparent by describing in detail exemplary embodiments
thereof with reference to the attached drawings in which:
[0024] FIG. 1 illustrates a configuration of a related art
apparatus for performing RO backup;
[0025] FIG. 2 illustrates a process of copying an RO using a
related art 1-pass ROAP process;
[0026] FIG. 3 is a block diagram illustrating the inside of an
RO-managing apparatus according to an exemplary embodiment of the
present invention;
[0027] FIG. 4 is a block diagram illustrating the inside of a
secure multimedia card in an RO-managing apparatus according to an
exemplary embodiment of the present invention;
[0028] FIG. 5 illustrates a configuration of permission information
and state information for backup in an RO-managing apparatus
according to an exemplary embodiment of the present invention;
[0029] FIG. 6 illustrates a configuration of rights log information
in an RO-managing apparatus according to an exemplary embodiment of
the present invention;
[0030] FIG. 7 illustrates a process of backing up and restoring an
RO in an RO-managing apparatus according to an exemplary embodiment
of the present invention;
[0031] FIG. 8 illustrates a process of restoring an RO if an
original RO is removed from a host after backup of the RO in an
RO-managing apparatus according to an exemplary embodiment of the
present invention;
[0032] FIG. 9 illustrates a process of restoring an RO if an
original RO is moved to another host after backup of the RO in an
RO-managing apparatus according to an exemplary embodiment of the
present invention;
[0033] FIG. 10 illustrates an example of preventing an RO from
being copied in an 1-pass ROAP process according to an exemplary
embodiment of the present invention.
DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS OF THE INVENTION
[0034] Exemplary embodiments of the present invention will be
described in detail with reference to the accompanying
drawings.
[0035] Advantages and features of the present invention and methods
of accomplishing the same may be understood more readily by
reference to the following detailed description of the exemplary
embodiments and the accompanying drawings. The present invention
may, however, be embodied in many different forms and should not be
construed as being limited to the embodiments set forth herein.
Rather, these embodiments are provided so that this disclosure will
be thorough and complete and will fully convey the concept of the
invention to those skilled in the art, and the present invention
will only be defined by the appended claims. Like reference
numerals refer to like elements throughout the specification.
[0036] Terms used in this specification are described in the
following.
[0037] A Rights Object (RO) refers to permission and constraints
for using digital content. An Original RO refers to an RO to be
backed up. Backup RO refers to the backed up RO.
[0038] Permission refers to rights to use content. A permission
index refers to an index for distinguishing the types of
permissions (e.g., play, display, execute, move, and backup)
[0039] Constraint refers to a list that limits the count, time, and
device.
[0040] State Information refers to information showing which type
is used by content among types of permissions of an RO.
[0041] A Host refers to a device that plays content according to
rights of an RO. In the present invention, a device that manages an
RO is referred to as a host device.
[0042] A Rights Issuer issues an RO to a host.
[0043] A Secure Multimedia Card stores digital content, an RO and
SI, and supports a host to play the digital content according to
rights of the RO.
[0044] A Rights Log is recorded by a host in order to manage an RO
having backup rights. For example, the host records the rights log
when the RO is removed or moved.
[0045] Backup refers to a process of copying an RO and SI in order
to prevent loss of the RO and SI. Here, a backup RO and SI are not
activated, and therefore cannot be used until they are
restored.
[0046] Restore refers to a process of restoring a backup RO and SI
to an available state, removing the backup RO, and also
transferring the backup RO and SI themselves into the available
state.
[0047] Move refers to a process of copying an RO and SI from one
device (e.g., a host A) to another device (e.g., a host B), and
then removing the corresponding RO and SI from the host A.
[0048] Remove refers to a process of completely removing an RO and
SI from one device.
[0049] 1-Pass Rights Object Acquisition Protocol (ROAP) is defined
by OMA DRM 2.0. A host can only receive a message from the RI, and
cannot respond.
[0050] FIG. 3 is a block diagram illustrating the inside of an
RO-managing apparatus according to an exemplary embodiment of the
present invention.
[0051] Referring to FIG. 3, an RO-managing apparatus 100 includes
an input unit 110, a communication unit 120, an RO-managing unit
130, an information-managing unit 140, a storage unit 150, and a
control unit 160.
[0052] The term "unit," as used herein, means, but is not limited
to, a software or hardware component, such as a Field Programmable
Gate Array (FPGA) or an Application Specific Integrated Circuit
(ASIC), which performs certain tasks. A module may advantageously
be configured to reside in the addressable storage medium and
configured to execute on one or more processors. Thus, a module may
include, by way of example, components, such as software
components, object-oriented software components, class components
and task components, processes, functions, attributes, procedures,
subroutines, segments of program code, drivers, firmware,
microcode, circuitry, data, databases, data structures, tables,
arrays, and variables. The functionality provided for in the
components and modules may be combined into fewer components and
modules or further separated into additional components and
modules.
[0053] The input unit 110 receives an order signal generated by a
user. Here, the order signal refers to one of backup, restoration,
move, and deletion.
[0054] For example, the input unit 110 receives a user's order to
back up an RO in a secure location.
[0055] The communication unit 120 transmits and receives an order
signal for an RO backup and restoration by communicating with a
secure multimedia card.
[0056] The RO-managing unit 130 backs up an RO according to the
order to back up the RO, and restores the backup RO according to
the restoration order. Here, an original RO is backed up in the
secure multimedia card, and the backup RO may be restored in the
RO-managing apparatus 100 or in the secure multimedia card.
[0057] The RO-managing unit 130 checks whether the RO can be backed
up and restored based on RO information stored in the storage unit
150 before backing up and restoring the RO, and performs backup and
restoration according to the checked result.
[0058] For example, the RO-managing unit 130 checks whether the RO
to be backed up has a backup permission. Also, the RO-managing unit
130 checks whether a device to restore the RO is identical with
device information in restoration information, and whether the
original RO has been removed from the corresponding device.
[0059] The information-managing unit 140 manages information on an
RO backed up and restored through the RO-managing unit 130, and
information related with movement and deletion of the RO.
[0060] For example, the information-managing unit 140 generates and
removes RO permission (e.g., backup) information, information on an
available time to backup, a count, and a device, validity
information, information on whether an RO is backed up, and
information on a device in which the RO can be restored.
[0061] The storage unit 150 stores digital content, an RO, and RO
information managed by the information-managing unit 140. Here,
permission information for backup of the RO, state information, and
rights log information, which is the information on the stored RO,
will be described in detail with reference to FIGS. 5 and 6.
[0062] The control unit 160 controls operations of functional
blocks 110 to 150 that configure the RO-managing apparatus 100.
[0063] FIG. 4 is a block diagram illustrating the inside of a
secure multimedia card in an RO-managing apparatus according to an
exemplary embodiment of the present invention.
[0064] Referring to FIG. 4, a secure multimedia card 200 includes a
communication unit 210 and a storage unit 220.
[0065] The communication unit 210 transmits and receives an order
signal for backup and restoration of an RO by communicating with
the RO-managing apparatus 100.
[0066] The storage unit 220 stores the RO backed up and restored by
the RO-managing apparatus 100, and also stores state information
for the RO and digital content.
[0067] FIG. 5 illustrates a configuration of permission information
and state information for backup in an RO-managing apparatus
according to an exemplary embodiment of the present invention.
Here, backup-permission information and state information can be
written using various programming languages such as binary code,
Extensible Markup Language (XML), binary XML, which are stored in
the storage unit 150.
[0068] Referring to FIG. 5, a permission-index field 51 records
types of permission (e.g., backup) of the RO. If a rights issuer
permits backup of all ROs, backup permission and constraints may be
not indicated (if a backup function is supported as a default).
However, backup log information and state information of the RO
have to be recorded, when the RO is backed up.
[0069] An end time and an expiration flag are recorded in a time
field 52 that limits a backup-available time. Backup count and left
backup count are recorded in a count field 53. The number and
version of a device, the length of a device identification (ID),
and a backup device ID are recorded in a device field 54. Here,
information is not always recorded in the time field 52, the count
field 53, and the device field 54.
[0070] A validity period information field 55 manages a rights log.
If time information is recorded in the validity period information
field 55, the corresponding time is a validity period when the
rights log is managed. The rights issuer may additionally decide a
rights log management period. If there is no time information in
the validity period information field 55, the rights issuer may set
a validity period when the rights log is managed in the validity
period information field 55.
[0071] If the rights issuer sets the validity period to one year,
the rights log is generated, and may be deleted after one year.
[0072] A backup flag field 56 may check whether to perform backup,
which records a backup time. If the value of the backup flag field
56 is "NULL," the corresponding RO does not have a backup RO.
[0073] The restoration information field 57 records information on
a device in which the backup RO is restored. When a backup is
performed, the information is recorded in the state information of
the backup RO. The state information of the original RO is
maintained as "NULL."
[0074] FIG. 6 illustrates a configuration of rights log information
in an RO-managing apparatus according to an exemplary embodiment of
the present invention. Here, the rights log can be, for example,
binary code, XML, or binary XML, which is stored in the storage
unit 150.
[0075] The rights log is used when the original RO is removed from
the host or moved to another host.
[0076] Referring to FIG. 6, an RO ID field 61 records the ID of an
RO. The state (e.g., move and remove) of the RO is recorded in a
state information field 62. A time information field 63 records an
event time that shows a removing time when the RO is removed, and a
move time when the RO is moved, and an expiration time showing a
time when the rights log is removed. A target device information
field 64 records information on a host to which the RO is
moved.
[0077] For a validity period of the rights log, if the backup RO is
restored in the corresponding host, the related rights log is
deleted. The rights log that reaches the expiration time is deleted
in order to prevent the rights log frame becoming very large.
[0078] In case of an RO in which the validity period is recorded,
the expiration time is the same as the end time of the time
information field 63. In case of a permanent RO in which the
validity period is not recorded, a generating time of the RO plus
the validity period when the RO is managed equals to the expiration
time.
[0079] FIG. 7 illustrates a process of backing up and restoring an
RO in an RO-managing apparatus according to an exemplary embodiment
of the present invention. A system for managing an RO includes a
host 100, a secure multimedia card 200, and a rights issuer 300,
which is described based on the configuration of permission
information and state information for backup illustrated in FIG. 5
and the configuration of the rights log illustrated in FIG. 6.
[0080] Referring to FIG. 7, the rights issuer 300 issues the RO to
the host 100 (S71).
[0081] Particularly, the rights issuer 300 grants a backup
permission to the corresponding RO. Hence, backup, permission of
the corresponding RO is recorded in the permission-index field
51.
[0082] Then, a scope of backup (e.g., count, time and device) is
selectively recorded, and validity period information is recorded
in the validity period information field 55.
[0083] If time information is recorded in the validity information
field 55, the corresponding time is a validity period when the
rights log is managed. If there is no time information in the
validity information field 55, the rights issuer 300 may set a
validity period when the rights log is managed.
[0084] The host 100 configures state information on the RO issued
by the rights issuer 300, and backs up the RO and the state
information using the secure multimedia card 200 (S72).
[0085] When the input unit 110 receives a user's order to back up
the RO, the RO-managing unit 130 checks whether the RO has backup
permission. In the checked result, if the RO has no backup
permission, the process is terminated.
[0086] If the RO has backup permission (i.e., permission
index=backup), the backup of the RO is performed. At this time, the
information-managing unit 140 renews the state information of the
original RO. That is, the information-managing unit 140 records the
backup time in the backup flag field 56, and reduces the left count
by 1 when the count field 53 is limited. The original RO that has
the backup RO is distinguished from an RO that has no backup RO via
a backup flag.
[0087] The RO-managing unit 130 stores the backup RO to the secure
multimedia card 200 by copying the RO and the state information to
the secure multimedia card 200. The information-managing unit 140
renews the state information of the backup RO. That is, the
information-managing unit 140 generates restoration information
that registers the host 100, which performs backup, as a
restoration device in the secure multimedia card 200. Hence, the
backup RO is distinguished from the original RO using the
restoration information. Here, the backup RO cannot be used,
because it is not activated until it is restored.
[0088] Then, the RO-managing unit 130 of the host 100 restores the
backup RO stored in the secure multimedia card 200. Here, the
method of restoring the backup RO is divided into a method of
restoring the backup RO in the host 100, and a method of restoring
the backup RO in the secure multimedia card 200.
[0089] The RO-managing unit 130 checks whether a device to restore
the RO is identical with device information registered in the
restoration information before restoring the backup RO.
[0090] The RO-managing unit 130 checks the state information field
62 of the rights log of the host 100 (e.g., the host A) in order to
check whether the corresponding original RO is moved to another
host (e.g., the host B).
[0091] In the checked result, the original RO is moved to another
host (e.g., the host B), the RO cannot be restored in the host
(e.g., the host A). After information of the host is moved to the
target device information field 64 of the rights log, the process
of restoring RO is terminated.
[0092] If the original RO is removed from the host 100, it is
possible to restore the backup RO to the host (e.g., the host
A).
[0093] The RO-managing unit 130 of the host 100 can activate the RO
by restoring the backup RO (S73-1). Also, the RO-managing unit 130
of the host 100 can activate the RO after backing up the backup RO
to the secure multimedia card 200, and storing state information
(S73-2).
[0094] The state information of the restored RO is renewed via the
information-managing unit 140. For example, because the restored
backup RO becomes the original RO, "NULL" is recorded in the backup
flag field 56. Because the restoration is terminated, "NULL" is
recorded in the restoration information field 57.
[0095] FIG. 8 illustrates a process of restoring an RO if an
original RO is removed from a host after backup of the RO in an
RO-managing apparatus according to an exemplary embodiment of the
present invention.
[0096] Referring to FIG. 8, the host 100 backs up the RO to the
secure multimedia card 200 (S81). When the RO is removed from the
host 100, the rights log is generated.
[0097] In other words, the ID of the removed RO is recorded in the
RO ID field 61 of the rights log. The state information field 62
records that the RO is removed. The time information field 63
records a time when the RO is removed and an expiration time. The
target device information field 64 records "NULL," because the RO
is not moved.
[0098] If a predetermined record exists in the time field 52 when
the expiration time is recorded, an end time shown by the RO is
recorded as the expiration time of the rights log. If a
predetermined record does not exist in the time field 52, the
validity period recorded in the validity period information field
55 is added to the time when the rights log is generated, which is
recorded as the expiration time.
[0099] When the backup RO is restored from the secure multimedia
card 200 to the host 100, it is checked whether the original RO was
removed by checking the rights log of the host 100. If the original
RO was removed, the RO is restored to the host 10 (S82-1), and also
may be restored to the secure multimedia card 200 (S82-2).
[0100] When the restoration of the backup RO is completed, all
records of the related RO are deleted from the rights log.
Regardless of the completion of the restoration of the backup RO,
the expiration time is periodically checked, and therefore the
expired rights log is removed.
[0101] FIG. 9 illustrates a process of restoring an RO if an
original RO is moved to another host after backup of the RO in an
RO-managing apparatus according to an exemplary embodiment of the
present invention.
[0102] Referring to FIG. 9, a host A 110 backs up the RO to the
secure multimedia card 200 (S91). Then, the host A 110 generates a
rights log after moving the original RO to a host B 120 (S92).
[0103] That is, the ID of the moved RO is recorded in the RO ID
field 61 of the rights log. The state information field 62 records
that the RO is moved to the host B. The time information field 63
records a time when the RO is moved and an expiration time. The
target device information field 64 records information on the host
to which the RO is moved (e.g., the host B).
[0104] The secure multimedia card 200 checks the rights log of the
host A 110 in order to connect to the host A 110 or restore the
backup RO. If the original RO was moved to another host (e.g., the
host B), the secure multimedia card 200 cannot restore the backup
RO to the host A 110 (S93-1). Here, the secure multimedia card
changes restoration device information of the backup RO into target
device (i.e., the host B) information recorded in the rights log of
the host A, and encrypts the backup RO using a public key of the
changed target device.
[0105] The secure multimedia card 200 checks the rights log of the
host B 120 in order to connect to the host B 120 or restore the
backup RO. If the original RO was moved from the host A 110 to the
host B 120, the secure multimedia card 200 can restore the backup
RO to the host B 120 (S93-2). However, because the original RO
already exists in the host B 120, restoration of the backup RO is
not required.
[0106] If the RO is removed after the original RO is moved to the
host B 120, the secure multimedia card 200 can restore the backup
RO to the host B 120.
[0107] FIG. 10 illustrates an example of preventing an RO from
being copied in an 1-pass ROAP process according to an exemplary
embodiment of the present invention.
[0108] Referring to FIG. 10, a rights issuer 300 issues an RO to a
host A 110 via an 1-pass ROAP process (S101). At this time, an
unauthorized device that exists inside or outside of the host A 110
illegally copies the issued RO (S102).
[0109] When the RO is move from the host A 110 to a host B 120
(S103), a rights log is generated in the host A 110.
[0110] That is, the ID of the moved RO is recorded in the RO ID
field 61 of the rights log. The state information field 62 records
that the RO is moved to the host B 120. The time information field
63 records a time when the RO is moved and an expiration time. The
target device information field 64 records information on the host
to which the RO is moved (e.g., the host B).
[0111] When the unauthorized device reissues an RO to the host A
110 via the 1-pass ROAP process, the host A 110 checks the rights
log. In the checked result, because there is a record showing that
the issued RO was moved to the host B 120 in the rights log of the
host A 110, the unauthorized device cannot reissue the RO
(S104).
[0112] When the unauthorized device moves an RO to the secure
multimedia card 200, because the unauthorized device cannot
generate a secure key of the corresponding RO, it is not possible
to move the RO to the secure multimedia card 200. Here, the secure
key, e.g., a public key is used to authenticate a subject that
issues or receives an RO (e.g., the rights issuer, the host, and
the secure multimedia card) and a subject that moves or receives an
RO, when the RO is issued or moved.
[0113] As described above, the apparatus and method for managing an
RO according to the present invention produces one or more of the
effects described below.
[0114] It is possible to back up an RO used in a host to a secure
multimedia card and to safely restore a backup RO, even if the RO
stored in the host is removed or moved to another host.
[0115] When using predetermined content, if backing up the RO of
the corresponding content, a user can know the position of the
backup RO, and therefore can easily manage content and the RO.
[0116] It is possible to compensate for a weakness of the 1-pass
ROAP process, thereby preventing authorized copy of an RO.
[0117] Although the exemplary embodiments of the present invention
have been disclosed for illustrative purposes, those skilled in the
art will appreciate that various modifications, additions and
substitutions are possible, without departing from the scope and
spirit of the invention as disclosed in the accompanying
claims.
* * * * *